An Entropy-based Approach to Detecting Anomalies in Voice over Internet Protocol (VoIP) Traffic

Abstract

Computer intrusion is a growing concern and field of investigation among government and private agencies. The main issue with most of the current Intrusion Detection Systems (IDSs) is that they are based on signature based observations, which means this class of detection system will only alert on attacks that the system is programmed to see. Entropy can be applied in various ways to examine data, but it is not a standalone IDS. It offers a theoretical, yet practical approach for the detection of abnormal patterns of behavior.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Mar 01, 2010
Accession Number
ADA532059

Entities

People

  • Gardner W. Thompson

Organizations

  • United States Army Research Laboratory

Tags

DTIC Thesaurus Topics

  • Anomaly Detection
  • Change Detection
  • Computers
  • Data Sets
  • Detection
  • Detectors
  • Governments
  • Internet
  • Intrusion
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Military Research
  • Network Protocols
  • Observation
  • Simulations
  • Voice Over Internet Protocol

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Sensor Fusion and Tracking Systems.
  • Systems Analysis and Design